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DETAILED ACTION 

1. This action is in response to the amendment filed on May 16, 2005. Claims 1-55 
were originally received for consideration. No claims were amended, canceled, or 
added. Claims 1-55 are currently pending. 

Response to Arguments 

2. Applicant's arguments filed May 16, 2005 have been fully considered but they are 
not persuasive for the following reasons: 

Regarding claim 1 , the applicant argues that the CPA, McConnell et al. (WO 00/46963), 
does not teach "provisioning." This argument is not found persuasive. The CPA 
discloses that the WAP client is authenticated, and information gathered from this 
authentication can be used within another gateway (second provisioning system) to 
control the services which a user is authorized to access (page 19: lines 13-22). 
Provisioning is defined as providing users with "the process of providing users with 
access to data and technology resources" as defined by www.webopedia.com . Using 
this well-known definition of provisioning, the CPA does teach provisioning a device, as 
it provides information that is used by a gateway to determine if a user is allowed to 
access certain services. The LDAP interface (first provisioning system) uses 
information it retrieves from a subscriber information repository to authenticate a WAP 
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client, which may then be used in gateway 1 (second provisioning system) to control the 
services which a user is authorized to access. Furthermore, the applicant argues that 
the CPA does not teach or suggest "the ability of a mobile device to distinguish between 
a message from a primary TPD and a message from a secondary TPD." The examiner 
does not see a limitation which states that a mobile device has the ability to distinguish 
between a message from a primary TPD and a message from a secondary TPD. 
Therefore, it is believed that the CPA teaches, "provisioning" and "using the first 
provisioning system to authorize a second provisioning system." Therefore, the 
rejection for the claims 1-55 is respectfully maintained as given below. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-4, 7, 15-17, 27-29, 39-41, 44, 45, 48, 49, 52, and 53 is rejected under 

35 U.S.C. 102(e) as being anticipated by McConnell et al. (WO 00/46963). 

5. With respect to claims 1 and 39, McConnell et al. disclose a method comprising: 

Operating a first provisioning system authorized to provision a processing device 
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on a network (page 13, lines 1 1-24), wherein the provisioning system is within a trusted 
environnent (Figure 1); and 

Using the first provisioning system to authorize a second provisioning system 
outside the trusted environment (Figure 1) to provision the processing device (page 19, 
lines 13-25). 

4. With respect to claim 2, McConnell et al. disclose the method, wherein said using 
the first provisioning system to authorize a second provisioning system comprises using 
the first provisioning system to provision authorization of the second provisioning 
system in the processing device (page 19, lines 13-25). 

5. With respect to claim 3, McConnell et al. disclose the method, wherein said using first 
provisioning system to authorize a second provisioning system comprises using the first 
provisioning system to send a provisioning message to the processing device, the 
provisioning message indicating authorization of the second provisioning system to 
provision the processing device (page 19, lines 13-25). 

6. With respect to claim 4, McConnell et al. disclose the method wherein the 
provisioning message further specifies one or more parameters which the second 
provisioning system is authorized to provision (page 19, lines 17-18). 

7. With respect to claim 7, McConnell et al. disclose that the processing device is a 
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mobile device on a wireless network (page 8, lines 10-16). 

8. With respect to claim 15, McConnell et al. disclose a method comprising: 

Operating a primary trusted provisioning domain (TPD) (Figure 1); and 
Using the primary TPD to provision a mobile device on a wireless network (page 

8, lines 10-16) by sending a provisioning message to the mobile device (page 19, lines 
13-25), the provisioning message specifying a secondary TPD authorized to provision 
the mobile device (page 19, lines 13-25), and an identifier of one or more parameters 
which the secondary TPD is authorized to provision (page 19, lines 17-18). 

9. With respect to claim 27, McConnell et al. disclose a provisioning system 
comprising: 

A processor (page 1 1 , lines 22-24); 

A data communications device coupled to the processor to communicate data 
with one or more remote systems (page 8, lines 24-26); and 

A memory (page 8, line 22) coupled to the processor and storing instructions for 
execution by the processor to cause the provisioning system to provision a mobile 
device on a wireless network (page 8, lines 10-16) by sending a provisioning message 
to the mobile device (page 19, lines 13-25), the provisioning message specifying a 
second provisioning system authorized to provision the mobile device (page 19, lines 
13-25) and an identifier of one or more parameters which the second provisioning 
system is authorized to provision (page 19, lines 17-18). 
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10. With respect to claim 40, McConnell et al. disclose a method of operating a mobile 
device on a wireless network, the method comprising: 

Receiving a provisioning message from a first trusted provisioning domain 
(TPD), the provisioning message specifying a second TPD and indicating a parameter 
which the second TPD is authorized to provision in the mobile device (page 19, lines 24 
-27); 

Storing information identifying the second TPD and the parameter in response to 
the provisioning message (page 20, lines 2-3); and 

Provisioning the parameter in the mobile device in response to a provisioning 
message from the second TPD (page 20, lines 2-3). 

r. With respect to claim 44, McConnell et al. disclose a method of operating a mobile 
device on a wireless network, the method comprising: 

Receiving a provisioning message from a remote source, the provisioning 
message specifying a parameter (page 19, lines 24-27); 

Determining whether the remote source is a primary trusted provisioning 
domain (TPD) (page 20, lines 5-24); 

If the remote source is the primary TPD, provisioning the parameter in the 
mobile device in response to the provisioning message (page 20, lines 5-24); 

If the remote source is not the primary TPD, determining whether the remote 
source is a secondary TPD authorized to provision the parameter, based on a 



Application/Control Number: 09/904,010 Page 7 

Art Unit: 2131 

provisioning authorization previously received by the mobile device from the primary 
TPD (page 20, lines 5-24); and 

If the remote source is a secondary TPD authorized to provision the parameter, 
provisioning the parameter in the mobile device in response to the provisioning 
message (page 20, lines 5-24). 

12. With respect to claim 48, McConnell et al. disclose a mobile device configured to 
operate on a wireless network, the mobile device comprising'. 

A processor (page 8, lines 10-16: It is inherent in mobile devices to have a 
processor); 

A data communication device coupled to the processor to communicate data with 
one or more remote systems via the wireless network (page 19, lines 1-2)., and 

A memory coupled to the processor and storing instructions for execution by the 
processor to configure the mobile device to execute a process comprising: 

Receiving a provisioning message from a first trusted provisioning domain 
(TPD) via the wireless network, the provisioning message specifying a second TPD and 
indicating a parameter which the second TPD is authorized to provision in the mobile 
device (page 19, lines 24-27); 

Storing information identifying the second TPD and the parameter in response to 
the provisioning message (page 20, lines 2-3),. and 

Provisioning the parameter in the mobile device in response to a provisioning 
message from the second TPD (page 20, lines 2-3). 
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13. With respect to claim 52, McConnell et al. disclose a mobile device configured to 
operate on a wireless network, the mobile device comprising: 

A processor (page 8, lines 10-16: It is inherent in mobile devices to have a 
processor; 

A data communication device coupled to the processor to communicate data with 
one or more remote systems via the wireless network (page 19, lines 1-2); and 

A memory coupled to the processor and storing instructions for execution by the 
processor to configure the mobile device to execute a process comprising: 

Receiving a provisioning message from a remote source, the provisioning 
message specifying a parameter (page 19, lines 24-27); 

Determining whether the remote source is a primary trusted provisioning 
domain (TPD) (page 20, lines 5-24); 

If the remote source is the primary TPD, provisioning the parameter in the 
mobile device in response to the provisioning message (page 20, lines 5-24)., 

If the remote source is not the primary TPD, determining whether the 
remote source is a secondary TPD authorized to provision the parameter, based on a 
provisioning authorization previously received by the mobile device from the primary 
TPD (page 20, lines 5-24); and 

If the remote source is a secondary TPD authorized to provision the 
parameter, provisioning the parameter in the mobile device in response to the 
provisioning message (page 20, lines 5-24). 
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14. With respect to claims 16, 28, 41, 45, 49, and 53, McConnell et al. disclose the 
method wherein the primary TPD is within a trusted environment (Figure 1 ), and 
wherein the secondary TPD is outside the trusted environment (Figure 1). 

15. With respect to claims 17 and 29, McConnell et al. disclose the method wherein the 
secondary TPD communicates with the mobile device via a second network that is 
outside the trusted environment (Figure 1). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

16. Claims 5, 6, 8-14, 18-26, 30-38, 42, 43, 46, 47, 50, 51, 54, and 55 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over McConnell et al. in view of 
Ramasubramanian et al.. (U.S. Patent 6,233,577). 

17. With respect to claims 5, 19, 23, 31 and 35, McConnell et al. discloses the 
limitations set forth in claim 1 , upon which claim 5 is dependent. McConnell et al. also 
disclose using the primary provisioning server to specify one or more parameters which 
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the secondary provisioning server is authorized to provision in the mobile devices (page 
19, lines 17-18). McConnell et al. do not disclose using the first provisioning system to 
send a provisioning message to the processing device, the provisioning message 
indicating authorization of a plurality of other provisioning systems, including the second 
provisioning system, to provision the processing device. Ramasubramanian et al. 
disclose using the first provisioning system to send a provisioning message to the 
processing device, the provisioning message indicating authorization of a plurality of 
other provisioning systems, including the second provisioning system, to provision the 
processing device (column 4, lines 29-40). 

1 8. It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teachings of Ramasubramanian et al. with the teachings of 
McConnell et al. in order to enable clients to access any secure web sites without 
demanding additional memory and power (column 8, lines 2-5). 

19. With respect to claims 6, 22, 24, 25, 34, 36, and 37, McConnell et al. disclose using 
the primary provisioning server to specify one or more parameters which the secondary 
provisioning server is authorized to provision in the mobile devices (page 19, lines 17- 
18). 

20. With respect to claim 8, McConnell et al. discloses the limitations set forth in claim 
7, upon which claim 8 is dependent. McConnell et al. do not disclose using a digital 
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signature to provision the mobile device. Ramasubramanian et al. disclose using a 
digital signature to provision the mobile device (column 4, lines 29-30). 

21 . It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine the teachings of Ramasubramanian et al. with the method of 
McConnell et al. in order to utilize the most secure use of authentication (column 4, lines 
29-30). 

22. With respect to claim 9, McConnell et al. do not disclose using the digital signature 
to authenticate the source of the provisioning message. Ramasubramanian et al. 
disclose using the digital signature to authenticate the source of the provisioning 
message (column 4, lines 29-30). 

23. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

24. With respect to claim 10, McConnell et al. do not disclose using the first 
provisioning system to provision the mobile device with a digital certificate identifying 
the first provisioning system. Ramasubramanian et al. disclose using the first 
provisioning system to provision the mobile device with a digital certificate identifying 
the first provisioning system (column 7, lines 10-14). 
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25. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the McConnell of Smith et al. 

26. With respect to claim 1 1 , McConnell et al. do not disclose using the first 
provisioning system to provision the mobile device with a digital certificate identifying 
the second provisioning system. Ramasubramanian et al. disclose using the first 
provisioning system to provision the mobile device with a digital certificate identifying 
the second provisioning system (column 7, lines 10-14). 

27. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

32. With respect to claim 12, McConnell et al. disclose a method wherein the second 
provisioning system is on a second network that is outside the trusted environment and 
separate from, but coupled to, the wireless network (Figure 1 ). 

28. With respect to claims 13, 26, and 38, McConnell et al. do not disclose a method 
wherein the first provisioning system has unrestricted authorization to provision the 
mobile device, and the authorization of the second provisioning system to provision the 
mobile device is regulated from the first provisioning system. Ramasubramanian et al. 
disclose a method wherein the first provisioning system has unrestricted authorization to 
provision the mobile device, and the authorization of the second provisioning system to 
provision the mobile device is regulated from the first provisioning system (column 4, 
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29. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

30. With respect to claim 14, McConnell et al. do not disclose using the first 
provisioning system to provision the mobile device with digital certificates identifying a 
plurality of other provisioning systems. Ramasubramanian et al. disclose using the first 
provisioning system to provision the mobile device w1t1 1 digital certificates identifying a 
plurality of other provisioning systems (column 7, lines 10-14). 

31 . Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

32. With respect to claims 18 and 30, McConnell et al. disclose the limitations set forth 
in claims 16 and 28, upon which claims 18 and 30 are dependent. McConnell et al. do 
not disclose using the primary TPD system to provision the mobile device with a digital 
certificate identifying the secondary TPD to enable the secondary TPD to provision the 
mobile device using a digital signature. Ramasubramanian et al. disclose using the 
primary TPD system to provision the mobile device with a digital certificate identifying 
the secondary TPD to enable the secondary TPD to provision the mobile device using a 
digital signature (column 7, lines 10-14; column 8, lines 1-5). 
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33. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

34. With respect to claims 20 and 32, McConnell et al. disclose a method comprising: 

Operating a primary provisioning server within a predefined trusted environment 
(Figure 1); 

A secondary provisioning server in the mobile devices, wherein the secondary 
provisioning server is on a second network outside the trusted environment (Figure 1); 
and 

Using the primary provisioning server to provision the mobile devices with 
information indicating to the mobile devices authorization of the secondary provisioning 
server to provision the mobile devices (page 8, lines 10-16; page 19, lines 13-25). 

35. McConnell et al. do not disclose a method comprising: 

Operating a primary provisioning server having authorization to provision a 
plurality of mobile devices on a wireless network; 

Using the primary provisioning server to provision a digital certificate of the 
primary provisioning server in each of the mobile devices; 

Using the primary provisioning server to provision a digital certificate of a 
secondary provisioning server in the mobile devices. 
Ramasubramanian et al. disclose a method comprising: 
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Operating a primary provisioning server having authorization to provision a 
plurality of mobile devices on a wireless network (column 4, lines 29-40); 

Using the primary provisioning server to provision a digital certificate of the 
primary provisioning server in each of the mobile devices (column 7, lines 10-14); 

Using the primary provisioning server to provision a digital certificate of a 
secondary provisioning server in the mobile device (column 7, lines 10-14). 

36. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

37. With respect to claims 21 and 33, McConnell et al. do not disclose a method 
wherein the primary and secondary provisioning servers each use their respective 
digital certificates when provisioning the mobile devices, to enable the mobile devices to 
authenticate provisioning messages from the primary and secondary provisioning 
servers. 

Ramasubramanian et al. disclose a method wherein the primary and secondary 
provisioning servers each use their respective digital certificates when provisioning the 
mobile devices, to enable the mobile devices to authenticate provisioning messages 
from the primary and secondary provisioning servers (column 4, lines 29-30). 

38. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 
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39. With respect to claims 42, 46, 50, and 54, McConnell et al. do not disclose a method 
comprising: 

Receiving a digital certificate of the second TPD from the first TPD; and 
Using the digital certificate in the mobile device to authenticate the provisioning 
message from the second TPD. 

45. Ramasubramanian discloses a method as recited in claim 41, further comprising: 
Receiving a digital certificate of the second TPD from the first TPD; and 
Using the digital certificate in the mobile device to authenticate the provisioning 

message from the second TPD (column 4, lines 29-30). 

40. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

41. With respect to claims 43, 47, 51, and 55, McConnell et al. disclose using the 
primary provisioning server to specify one or more parameters which the secondary 
provisioning server is authorized to provision in the mobile devices (page 19, lines 17- 
18). McConnell et al. do not disclose a method wherein the provisioning message 
specifies a plurality of secondary TPDS, the method further comprising storing 
information identifying each of the secondary TPDS and the corresponding parameters 
in response to the provisioning message. Ramasubramanian discloses a method 
wherein the provisioning message specifies a plurality of secondary TPDS (column 4, 
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lines 29-40), the method further comprising storing information identifying each of the 
secondary TPDS and the corresponding parameters in response to the provisioning 
message (column 7, lines 10-32). 

42. Please refer above for the motivational benefits with regards to the application of the 
teachings of Ramasubramanian et al. to the teachings of McConnell et al. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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